Privacy Policy
We process the data needed to provide the service, manage your account, store the information you enter into your tax workspace, handle billing, and protect platform security. You can exercise your rights by writing to contacto@autonomo-simple.es.
1. Data controller
The data controller is Autónomo Simple, contact email contacto@autonomo-simple.es. Registered in the Commercial Register of Valencia.
2. What data we process
We may process account and identification data (name, email), authentication data, billing and subscription data (managed by Stripe), data you add to the service such as invoices, expenses, payments, assets and tax settings, and technical and security data needed to operate the platform (logs, IPs, session cookies).
3. Purposes and legal bases
We process data to: (a) provide the service and perform the contract with you; (b) manage billing and subscriptions via Stripe; (c) respond to support requests; (d) prevent fraud or abuse; (e) comply with legal obligations; (f) where applicable, manage analytics cookies based on consent when legally required.
4. Recipients and processors
Your data may be processed by providers offering essential services: hosting (Vercel), database (Supabase/PostgreSQL), email delivery, authentication (NextAuth), payments (Stripe) and artificial intelligence for receipt scanning (Anthropic API). We do not sell your data. We only disclose it to third parties where legally required or necessary to provide the service.
5. International transfers
Some of our providers are located outside the European Economic Area (for example, in the United States). In those cases we adopt the appropriate safeguards required by the GDPR, such as Standard Contractual Clauses approved by the European Commission or other valid transfer mechanisms.
6. Retention
We keep your data while your account is active or while it remains necessary for the purpose it was collected. After account deletion, certain data may be kept in restricted form for the applicable legal retention periods (tax, accounting, security) before permanent deletion.
7. Your rights
You may request access, rectification, erasure, objection, restriction of processing and portability where applicable. You may also withdraw consent when processing is based on consent. To exercise your rights, write to contacto@autonomo-simple.es. If you believe your rights have not been properly addressed, you may lodge a complaint with the Spanish Data Protection Agency (aepd.es).
8. Security
We apply reasonable technical and organisational measures: access controls, password hashing, encryption in transit (HTTPS), environment separation and security monitoring. No system is absolutely secure, but we work to minimise risks.
9. Changes and contact
We may update this policy to reflect legal, technical or service changes. The current version will be published on this page with the update date. For any privacy-related matter, contact contacto@autonomo-simple.es.